Extreme Networks Summit 300-48 User Manual
Page 114
114
Summit 300-48 Switch Software User Guide
Access Policies
create access-mask
{dest-mac}
{source-mac}
{vlan }
{ethertype}
{tos | code-point}
{ipprotocol}
{dest-ip /
{source-ip /
{source-L4port | {icmp-type} {icmp-code}}
{permit-established}
{egressport}
{ports}
{precedence
Creates an access mask. The mask specifes
which packet fields to examine. Options include:
•
— Specifies the
access mask name. The access mask name
can be between 1 and 31 characters.
•
dest-mac
— Specifies the destination MAC
address field.
•
source-mac
— Specifies the source MAC
address field.
•
vlan
— Specifies the VLANid field.
•
ethertype
— Specifies the Ethertype field.
•
tos
— Specifies the IP precedence field.
•
code-point
— Specifies the DiffServ code
point field.
•
ipprotocol
— Specifies the IP protocol
field.
•
dest-ip
— Specifies the IP destination field
and subnet mask. You must supply the
subnet mask.
•
dest-L4port
— Specifies the destination
port field.
•
source-ip
— Specifies the IP source
address field and subnet mask. You must
supply the subnet mask.
•
source-L4port
— Specifies the source
port field.
•
icmp-type
— Specify the ICMP type field.
•
icmp-code
— Specify the ICMP code field.
•
permit-established
— Specifies the TCP
SYN/ACK bit fields.
•
egressport
— Specify the egress port
•
ports
— Specifies the ingress port(s) on
which this rule is applied.
•
precedence
— Specifies the access mask
precedence number. The range is 1 to
25,600.
Table 39: Access Control List Configuration Commands (continued)
Command
Description